Coupa Supplier Portal Two-Factor Authentication

The CSP leverages Google Authenticator, which is available for iOS and Android devices. You need to install it on your mobile device if you want to enable two-factor authentication. See Install Google Authenticator for help with installing the app on your mobile device.

Instead of the authenticator, you can also use SMS to receive verification codes.

Enabling Two-Factor Authentication

Your customers can require you to use two-factor authentication to log in to the CSP and access their data, in which case you have to enable it.

Make sure you have your mobile device with you before enabling two-factor authentication.

Enter and validate your phone number to receive SMS notifications or verification codes through SMS.

Under Two-Factor Authentication, click Enable for SMS or Two Factor Authenticator App depending on how you want to receive the verification codes.

For SMS, enter the verification code in the pop-up window.

For installing and using the authenticator app, follow the on-screen instructions.

Choose Remember this computer for 30 days if you're not using a shared or public computer, and click Enable.

Print your backup codes or email them to yourself before you click OK. If you ever lose your device, you need these to regain access to your CSP account.

You can only use a recovery code once, so it's a good idea to refresh your list if you have to use a recovery code. Go to Account Settings > Security & Two-Factor Authentication and click Regenerate Recovery Codes to get a new list of codes.

If you enable or disable two-factor authentication, you get an email notification of the change.

Signing into the Coupa Supplier Portal with Two-Factor Authentication

Depending on your setting, open Google Authenticator on your device and choose your CSP account. Get the number that's shown. Or open the newly received text message that contains the verification code.

Type the two-factor authentication code in the appropriate field. For the authenticator, choose Remember this computer for 30 days if you're not using a shared or public computer, and click Log In.

The code that Google Authenticator provides is good only for 60 seconds. If you don't type that code on the CSP sign-in page and click Log In within 60 seconds, you have to get a new code and try again.

If your supplier is locked out and they don't have their six-digit backup validation code, contact Coupa Support who will ask you to provide the supplier's declaration form and either their email used to log in to the CSP or a copy of their photo ID or passport to verify their identity.